Authorization

Making an authorized API request

All the requests needs to be authorized with a Bearer auth header so that we know who is making the requests.

Access tokens can be generated & re-generated in your Settings page

After obtaining an access token, your application can use that token to submit authorized API requests. The API supports two ways to specify an access token:

Specify the access token as the value of the Authorization: Bearer HTTP request header. This is the recommended approach.

POST /api/v1/ping HTTP/1.1
Host: shrtnr.co
Authorization: Bearer {ACCESS_TOKEN}
...

You can test this using cURL with the following command:

curl -X POST -H "Authorization: Bearer {ACCESS_TOKEN}" https://shrtnr.co/api/v1/ping

2. Specify the access token as the value of the api_token query parameter:

https://shrtnr.co/api/v1/ping?api_token={ACCESS_TOKEN}

The API returns an HTTP 401 response code (Unauthorized) if you submit a request to access a protected resource with an access token that is expired, bogus, improperly scoped, or invalid for some other reason.

Any requests not using the https schema will fail, always send secure requests.

PreviousIntroduction NextRequests

Last updated 5 years ago

Was this helpful?